Authentication is an important part of ensuring network security. Effective authentication can guarantee the authenticity of two communication parties, the integrity of a message and the reliability of a source, and can also protect information from attacks by illegal parties through such means as forgery, modification, and delay. Both private key cryptography mechanisms and public key cryptography mechanisms are commonly used in cryptography to ensure the security, integrity, and non-repudiation of identity information in communications, and to resist identity spoofing attacks. Quantum cryptography is a joint product of quantum mechanics and cryptography, and has been shown to provide increased security and eavesdropper detectability. It relies on the fundamentals of quantum mechanics, so its security is independent of the computing power and storage capacity of attackers. However, conventional QKD protocols do not provide an effective authentication mechanism, so a QKD process may still be subject to spoofing attacks, man-in-the-middle attacks or distributed denial of service (DDoS) attacks.
In view of the foregoing problems, the prior art provides the following two solutions:
i. One solution, by M. Dusek et al., holds that it is unnecessary to authenticate all pre-determined information in a quantum communication process. According to M. Dusek, only pre-determined information that affects the correct determination of the error rate of quantum states should be authenticated, and all other pre-determined information does not need to be authenticated. As a result, M. Dusek proposes a quantum authentication protocol in combination with a pre-determined message authentication algorithm, and the essence of the protocol is to authenticate as few pre-determined messages as possible with a pre-determined authentication algorithm.
ii. Another proposed solution combines the BB84 protocol with authentication. This protocol differs from the original BB84 protocol in that some bits in a randomly sent quantum bit string are set as specific authentication bits, whose positions are determined by an authentication key. Authentication between the two communication parties is achieved with the measurement bases and photon polarization states represented by the authentication bits. The quantum state information of the authentication bits cannot be sent randomly; it is determined, according to a specific rule, by an authentication key shared between the two parties. The transmitter and the receiver set a portion of the shared quantum key acquired in each negotiation as the authentication key, so that the authentication key is dynamically updated.
The foregoing two solutions can improve the security of a QKD process to some extent because both adopt an authentication mechanism; however, they each have certain defects:
i. For the M. Dusek solution, the number of authentication keys pre-provisioned between two communication parties is limited, and the solution still adopts a pre-determined authentication technology without taking full advantage of quantum technology, so the solution inherits the risk of hacking and is vulnerable to spoofing attacks, man-in-the-middle attacks and DDoS attacks.
ii. For the BB84 protocol with authentication, although authentication information is sent in the form of quantum states to improve the security of key distribution, as this technical solution requires choosing a portion of the shared quantum key acquired by each negotiation as the authentication key, that portion of the shared quantum key can no longer be used for service data encryption, and quantum key resources are wasted.
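The BB84-with-authentication scheme of solution ii, and the key-consumption drawback noted for it, can be seen in a small classical simulation. This is an added example, not code from the cited protocol: the HMAC-SHA256 derivation of positions, bases and bits stands in for the unspecified "specific rule", and the sizes `n` and `m`, the ideal noise-free channel and all function names are assumptions.

```python
import hashlib
import hmac
import random

def prf(key: bytes, label: bytes, i: int) -> bytes:
    # Assumed derivation rule: HMAC-SHA256 over a label and the qubit index.
    return hmac.new(key, label + i.to_bytes(4, "big"), hashlib.sha256).digest()

def auth_plan(key: bytes, n: int, m: int) -> dict:
    """Pick m of n positions from the key and fix each one's (basis, bit)."""
    chosen = sorted(range(n), key=lambda i: prf(key, b"pos", i))[:m]
    return {i: (prf(key, b"basis", i)[0] & 1, prf(key, b"bit", i)[0] & 1) for i in chosen}

def send(n: int, plan: dict, rng) -> list:
    """Sender: key-determined states at authentication positions, random elsewhere."""
    return [plan[i] if i in plan else (rng.getrandbits(1), rng.getrandbits(1)) for i in range(n)]

def measure(qubit, basis: int, rng) -> int:
    """Ideal channel: a matching basis yields the encoded bit, otherwise a coin flip."""
    q_basis, q_bit = qubit
    return q_bit if q_basis == basis else rng.getrandbits(1)

def receive(qubits: list, plan: dict, rng):
    """Receiver: key-derived basis at authentication positions, random basis elsewhere."""
    bases = [plan[i][0] if i in plan else rng.getrandbits(1) for i in range(len(qubits))]
    bits = [measure(q, b, rng) for q, b in zip(qubits, bases)]
    mismatches = sum(bits[i] != plan[i][1] for i in plan)
    return mismatches, bases, bits

def sift(qubits: list, bases: list, bits: list, plan: dict) -> list:
    """Keep bits from non-authentication positions where both bases agree."""
    return [bits[i] for i, q in enumerate(qubits) if i not in plan and q[0] == bases[i]]

def run(sender_key, receiver_key: bytes, n=512, m=64, seed=1):
    """sender_key=None models a party that does not hold the authentication key."""
    rng = random.Random(seed)  # constructed randomness so the run is repeatable
    plan = auth_plan(receiver_key, n, m)
    qubits = send(n, auth_plan(sender_key, n, m) if sender_key else {}, rng)
    mismatches, bases, bits = receive(qubits, plan, rng)
    sifted = sift(qubits, bases, bits, plan)
    # Drawback noted above: m sifted bits are reserved as the next authentication
    # key and are no longer available for service data encryption.
    next_auth, service = sifted[:m], sifted[m:]
    return mismatches, len(next_auth), len(service), len(sifted)

if __name__ == "__main__":
    key = b"constructed-shared-auth-key"
    print("legitimate sender:", run(key, key))
    print("sender without key:", run(None, key))
```

A sender holding the key produces no mismatches at the authentication positions, while a sender without it is expected to mismatch on about half of them. The returned lengths show how much of the sifted key is set aside for the next authentication key rather than for service data.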